HTTP clients can provide authentication information to the server via the “Authorization” header in the HTTP request. Choose the alternative, if any, that would serve as the definition for a resource method that would allow a JAX-RS resource to obtain this authentication data (Choose one):
A.
It is impossible for a JAX-RS resource to obtain this information, since low-level HTTP data is not presented to the JAX-RS application layer.
B.
@GET @Path("/authInfo")
public String getAuthInfo( String authenticate ) {
    return authenticate;
}
C.
@GET @Path("/authInfo/{AUTHENTICATE}")
public String getAuthInfo(
        @PathParam("Authorization") String auth ) {
    return authenticate;
}
D.
@GET @Path("/authInfo")
public String getAuthInfo(
        @HeaderParam("Authorization") String auth ) {
    return auth;
}
In practice, container-managed role-based authentication is better if the REST is based on an existing web application or EJB.
D is the correct answer
1. @HeaderParam Example
This example reads the browser's “user-agent” value from the request header.

import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.Path;
import javax.ws.rs.core.Response;

@Path("/users")
public class UserService {

    // The value of the request's User-Agent header is injected into userAgent.
    @GET
    @Path("/get")
    public Response addUser(@HeaderParam("user-agent") String userAgent) {
        return Response.status(200)
                .entity("addUser is called, userAgent : " + userAgent)
                .build();
    }
}
Java RESTful web services with HTTP Basic authentication.
In the context of an HTTP transaction, basic access authentication is a method for an HTTP user agent to provide a user name and password when making a request.
HTTP Basic authentication is the simplest technique for enforcing access control on web resources because it doesn’t require cookies, session identifiers or login pages. Instead, it uses static, standard HTTP headers, which means that no handshake has to be done in advance.
When the user agent wants to send the server authentication credentials it may use the Authorization header. The Authorization header is constructed as follows:
1) Username and password are combined into a string “username:password”
2) The resulting string is then encoded using Base64 encoding
3) The authorization method and a space, i.e. “Basic ”, are then put before the encoded string.
For example, if the user agent uses ‘Aladdin’ as the username and ‘open sesame’ as the password then the header is formed as follows:
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
https://www.java2novice.com/restful-web-services/http-basic-authentication/
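The three construction steps above, run in reverse on the server side: an added example, not code from the original page or from the linked tutorial, showing how the string a resource method receives through @HeaderParam("Authorization") can be parsed while rejecting malformed input. The class, record and method names are hypothetical, and decoding the bytes as UTF-8 is an assumption.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Optional;

public class BasicAuthHeader {

    /** Decoded credentials (hypothetical type for this example). */
    record Credentials(String username, String password) {}

    /** Parses an Authorization header value; empty means "answer 401". */
    static Optional<Credentials> parse(String header) {
        // A missing header is treated like a header with no usable parts.
        String[] parts = header == null ? new String[0] : header.trim().split("\\s+", 2);
        if (parts.length != 2 || !parts[0].equalsIgnoreCase("Basic")) {
            return Optional.empty();          // absent, other scheme, or no token
        }
        String decoded;
        try {
            byte[] raw = Base64.getDecoder().decode(parts[1].trim());
            decoded = new String(raw, StandardCharsets.UTF_8);   // assumed charset
        } catch (IllegalArgumentException e) {
            return Optional.empty();          // token is not valid Base64
        }
        int colon = decoded.indexOf(':');     // split on the FIRST colon only,
        if (colon < 0) {                      // because a password may contain ':'
            return Optional.empty();
        }
        return Optional.of(new Credentials(
                decoded.substring(0, colon), decoded.substring(colon + 1)));
    }

    public static void main(String[] args) {
        // First value is the page's example header; the rest are constructed inputs.
        String[] samples = {
            "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==",
            "basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==",
            "Bearer abc.def.ghi",
            "Basic not*base64",
            "Basic " + Base64.getEncoder().encodeToString("nocolon".getBytes(StandardCharsets.UTF_8)),
            null
        };
        for (String s : samples) {
            // Print only the password length so the secret never reaches a log.
            System.out.println(s + " -> " + parse(s)
                    .map(c -> "user=" + c.username() + ", password length=" + c.password().length())
                    .orElse("rejected"));
        }
    }
}
```

Base64 is an encoding, not encryption, so anyone who can read the request can recover the password; the header is only as confidential as the TLS connection that carries it.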